130
System76 values and ethics (Opinion) (lemmy.dbzer0.com)
submitted 10 months ago by patchwork@lemmy.dbzer0.com to c/linux@lemmy.ml
74 comments fedilink hide all child comments

Please don't flame me too bad, I understand that although privacy and libre software are important to many in the Linux community, my opinions may be outside the scope of consideration for some and I respect that.

Personally, conscientious consumerism and privacy are some of the primary reasons I use Linux. I prefer community>private business>corporate when I am choosing products and services.

-System76

About 8 years ago I purchased a laptop from System76, the customer service was incredible and the machine exceeded my expectations in build quality and performance.

Recently I've been in the market for a smaller machine, like a Thinkpad X1, StarBook 14 or System76 Lemur.

Last week, when I visited the System76 website they used Plausible's open source analytics on the home page (which is a great alternative to Google's proprietary hardware fingerprinting algorithm), but once I added the laptop to my cart to checkout, I noticed the third-party trackers, apis.google and ajax.googleapis load on the webpage. Google's reCAPTCHA was also required to complete the purchase. Hell, even Discord has switched to hCaptcha at this point citing their laughable "Gamer Privacy First" policy.

IMHO, I find it hypocritical that System76 does so much great work disabling Intel's IME and contributing to coreboot, but chooses to embed proprietary tracking software on their website when open source alternatives are readily available.

  • Reaching out to System 76

After completing 14 reCAPTCHA's I was finally able to get a dialogue with Stetson at System 76. He said that "System 76 takes user data privacy and security extremely seriously, but they would continue to use Google services." His recommended solution was placing the order over the phone if I wasn't comfortable having third-party tracking during checkout.

This is not a solution for me because I don't want to do business with a company that monetizes user data for profit. In my experience, companies that monetize data (Alphabet, Meta, etc..) offer web services cheaper than competitors that don't, in exchange for access to user data. So, if you're getting a commercial service cheaper from a company that sells your user's data, you're also profiting from the sale by paying a lower premium for those services.

Personally, I do not think you're taking user privacy "extremely" seriously if you're running third party trackers and choosing reCAPTCHA (not a privacy respecting service) over hCaptcha on your website.

I really like System 76 and I want to support them with my next purchase, but presently I feel like they are saying one thing and doing another and choosing privacy respecting libre software some of the time when it suits their marketing, but proprietary anti-consumer tracking services when it's more profitable.

top 50 comments
sorted by: hot top controversial new old
[-] robinj1995@feddit.nl 75 points 10 months ago

Purist, hard-line stuff like this will honestly just get you nowhere in 2023. I get where you're coming from, but it's simply not realistic. This is what browser extensions are for.

[-] words_number@programming.dev 24 points 10 months ago

I don't understand what's not realistic about expecting from a company that markets itself as privacy focused to not add surveillance fascist services to their website. It's not like they demand system76 to implement something crazy difficult. Quite the opposite, they just want them to not do something. That shit doesn't add itself to a website. So just don't fucking do it and you're good. What's unrealistic about that?

load more comments (2 replies)
[-] Qvest@lemmy.world 16 points 10 months ago

Exactly. uBlock Origin exists for a reason. No one can block everything, but mitigation tactics exist, and to not use a product just because the website contains trackers, I don’t understand why one would do that if the product itself doesn’t contain trackers, but hey, people are different

[-] primalmotion@lemmy.antisocial.ly 15 points 10 months ago

Being a fatalist will get you some places I personally don't want to go to.

[-] milicent_bystandr@lemm.ee 13 points 10 months ago

I dunno, us ordinary folks get a lot of benefit from the battles purists have waged before us. And sometimes they win big time.

load more comments (2 replies)
[-] mmstick@lemmy.world 41 points 10 months ago* (last edited 10 months ago)

It's not as simple as you think it is. First, we use Plausible instead instead of Google Analytics, so tracking data is not being given to Google. If the choice was purely up to System76's web team, use of Google services wouldn't be required. However, you'll be hard pressed to find any online store that accepts online payments without a captcha service, because most payment processors require it. System76's payment processor also requires it, and will not allow you to substitute your own solution or bypass that requirement. Same as said here: https://lemmy.world/comment/3137069

Customer services and other web-facing frontends are also a constant target of attacks, so a captcha service is required.

[-] patchwork@lemmy.dbzer0.com 5 points 10 months ago

Stripe is one of the largest payment providers on the Internet, they recommend hCaptcha, not Alphabet's reCAPTCHA in their docs, so it's obviously a choice. Please don't proclaim to be "Extremely concerned" with customer privacy and choose a service provided by a data harvesting advertising company to save money when a privacy preserving option is available.

https://stripe.com/docs/disputes/prevention/card-testing

[-] spez@sh.itjust.works 9 points 10 months ago

they recommend hCaptcha, not Alphabet’s reCAPTCHA in their docs

From : https://stripe.com/docs/disputes/prevention/card-testing#captcha

Card testers often use automated scripts that can be blocked using a CAPTCHA. Google’s reCAPTCHA is often effective for blocking card testing.

[-] mmstick@lemmy.world 2 points 10 months ago

Read that document a bit closer. They recommend Google reCAPTCHA.

load more comments (2 replies)
[-] Fazoo@lemmy.ml 37 points 10 months ago

They just resell Chinese laptops anyway, or used to. I opted for a Framework laptop this time.

[-] OsrsNeedsF2P@lemmy.ml 22 points 10 months ago

I got the Pangolin, and have no regrets, but yea if I was in the market again I too would be going with Framework

[-] FMT99@lemmy.world 20 points 10 months ago

Man they look awesome but I can't drop $2k on a laptop. We don't all have US software engineering salaries ;)

[-] astraeus@programming.dev 23 points 10 months ago* (last edited 10 months ago)

Even we who are in US software engineering don’t always have US software engineering salaries

load more comments (1 replies)
[-] OsrsNeedsF2P@lemmy.ml 7 points 10 months ago

Get a used one after the hype dies down :P

[-] thejevans@lemmy.ml 4 points 10 months ago

My Framework 12th gen was $1100

[-] mmstick@lemmy.world 13 points 10 months ago* (last edited 10 months ago)

They are not "resold". The laptops are custom-ordered and manufactured in Taiwan. The same as virtually every computer you buy. Taiwan would be very unhappy to see comments claiming they're Chinese.

[-] aracebo@unilem.org 3 points 10 months ago

I also plan too. Especially now that they offer AMD models.

load more comments (1 replies)
[-] southernwolf@pawb.social 34 points 10 months ago

It's likely something out of their control. I imagine their payment processor either uses it, or requires the site to use it. Mostly to combat automated fraud.

You likely won't find any site, that has online shopping, that doesn't use some sort of way to gatekeep against this behavior, unless it's crypto-based. And even then it likely still has something like that. Even if the site redirects to Paypal, you're gonna face that.

Your approach simply isn't realistic to the modern web. You can try uBlock, but blocking those connections likely will make the site ultimately not work for you.

load more comments (7 replies)
[-] dingleberry@discuss.tchncs.de 31 points 10 months ago

What a nothingburger. How do you people navigate day to day life?

[-] kier@lemmy.world 6 points 10 months ago

My real question is how do they keep in touch with their friends and family

[-] grayman@lemmy.world 12 points 10 months ago

He just yells up from the basement.

load more comments (1 replies)
[-] jet@hackertalks.com 27 points 10 months ago

There's still a business, and they need to be profitable, so they're doing things a business does to stay profitable. But they've stayed very true to their philosophy.

Is the use of these APIs during the checkout process enough to make you go to a different company? What company would you go to that doesn't use any trackers?

load more comments (12 replies)
[-] Rentlar@beehaw.org 25 points 10 months ago* (last edited 10 months ago)

Many payment providers would want websites to implement CAPTCHA for blocking spam and fraud attempts.

I'm sorry, but you're just going to have to walk to a store and pay in cash if you don't want to have any data tracking done at all. Online you'll often have to pick one or the other: data tracking, or flimsy security/data protection. The phone solution is appropriate in my humble opinion, but you're welcome to hold your own views on your principles. If you're hard set against a company tracking ANYBODY via 3rd parties to that level, then I bet you will be very hard-pressed to ever find a computer through an online marketplace from ANY company that will fit that bill perfectly and suits your other needs.

[-] iamonabike@lemmy.ca 21 points 10 months ago

Many payment providers would want websites to implement CAPTCHA for blocking spam and fraud attempts.

This is why. They're using Stripe, and they require it if you have any sort of carding attack, or other fraud attempts. They'll disable your account otherwise. And, this isn't just Stripe, I've encountered it with all payment providers I've implemented.

[-] Fabrik872@apollo.town 25 points 10 months ago

Their focus is i think in making pop os for hardware from clevo or someone similar or themselves in case of desktops not making websites. I mean i agree that this suck because this websites represents them. I am just saying that maybe they dont even have its own web developers for the site and the company that handles their eshop probably dont offer alternative capcha method and for them to change that they need to change the conpany that handles eshop or make their own. Both are very complicated and expensive solutions i think.

[-] whodoctor11@lemmy.ml 18 points 10 months ago* (last edited 1 month ago)

You see, even Mozilla uses reCaptcha and other Google APIs. Companies that "fight for freedom" will only do the minimal. Still, I think is worthy to send an email do System 76 with this reclamation.

CC BY-NC-SA 4.0

[-] spacemanspiffy@lemmy.world 16 points 10 months ago

I agree with you. Purism had this same problem at one point I believe - turns out that the Wordpress plugins that they used for their site came bundled with Google crap.

It's possible this wasn't an intentional choice by anyone at S76, but instead just spyware bundled with other components.

Both businesses should know to evaluate their dependencies for these sorts of things, but mistakes do happen. It's good that concerned community members exist to call them out, even if they have no plans to change it.

[-] mmstick@lemmy.world 7 points 10 months ago

It's not a matter of bundling, but because virtually every online payment processor requires it.

[-] cmnybo@discuss.tchncs.de 16 points 10 months ago

I wasn't very impressed with their customer service. They wouldn't sell me a new battery when mine died. Now I'm stuck with an otherwise perfectly good laptop that now has to be plugged in all the time.

[-] randombullet@feddit.de 9 points 10 months ago

This is why I bought framework this time around. Hopefully they exist 5-10 years down the line.

load more comments (1 replies)
[-] skankhunt42@lemmy.ca 4 points 10 months ago

I got a battery from them without a problem last year. Have you tried recently?

load more comments (2 replies)
[-] BlinkerFluid@lemmy.one 13 points 10 months ago

buys another used Thinkpad on eBay

If it ain't broke...

[-] Vincent@feddit.nl 24 points 10 months ago

Ah yes, I'm sure there are no trackers on eBay.

[-] BlinkerFluid@lemmy.one 6 points 10 months ago* (last edited 10 months ago)

I'm sure it doesn't really matter, either but we aren't arguing that, so...

[-] const_void@lemmy.ml 11 points 10 months ago

You're worried about Google trackers on their website but you were gonna potentially buy a Lenovo Thinkpad? Lololol

[-] Pig@lemmy.world 7 points 10 months ago* (last edited 10 months ago)

I agree with your stance, and I can also acknowledge what other people are saying, about not being able to find companies anymore, that aren't willing to sell your information to multi-billion dollar targeted-ad companies. I would do what a couple other people, in this post, mentioned. Buy a used laptop/desktop, in cash, that supports coreboot. To my knowledge, anything past an i5 can't fully remove all of the IME blobs, anyways. If you want something for gaming, and don't want to support/contribute to the funneling of personal data, I would build a desktop from parts that work well with Linux, from a store like MicroCenter.

[-] xXthrowawayXx@hexbear.net 5 points 10 months ago

You’re cutting off your nose to spite your face under the mistaken belief that voting with your dollar is effective.

Consider tracking mitigation techniques as opposed to the boycott.

[-] TropicalDingdong@lemmy.world 5 points 10 months ago

I was very disappointed in my Serval.

It never got a firmware update that it sorely needed. Maybe 1 hr battery life?

I personally think they should just focus on Pop_OS! .

I'm much happier with the laptop I ran out and grabbed from a big box store to replace the 2k+ one I bought from system 76.

[-] mmstick@lemmy.world 4 points 10 months ago

I personally think they should just focus on Pop_OS! .

Pop!_OS does not generate any revenue. It would cease to exist without System76 hardware sales.

[-] kilgore_trout@feddit.it 3 points 10 months ago

It must be hard to address all the people who don't know what they are talking about. My next laptop will come no sooner than 10 years in the future, but you keep up the good work!

load more comments
view more: next ›
this post was submitted on 05 Sep 2023
130 points (81.6% liked)

Linux

45753 readers
734 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
AgreeableLandscape@lemmy.ml
nooter692@lemmy.ml
MarcellusDrum@lemmy.ml
cypherpunks@lemmy.ml
cyclohexane@lemmy.ml
d3Xt3r@lemmy.nz